Solaris@9 Security Vulnerabilities and Issues — Solaris@9 CVE List

Lucene search

SunSolaris9

35 matches found

CVE•added 2008/12/19 5:30 p.m.•50 views

CVE-2008-5684

Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the G...

5CVSS6AI score0.01042EPSS

CVE•added 2009/01/15 5:30 p.m.•49 views

CVE-2009-0132

Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).

4.9CVSS6.3AI score0.00107EPSS

CVE•added 2009/04/09 3:8 p.m.•49 views

CVE-2009-1276

XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail not...

2.1CVSS5.8AI score0.00066EPSS

CVE•added 2008/11/10 3:23 p.m.•48 views

CVE-2008-5010

in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805.

10CVSS6.5AI score0.10097EPSS

CVE•added 2009/09/08 6:30 p.m.•48 views

CVE-2009-3100

xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an A...

4CVSS6.4AI score0.00038EPSS

CVE•added 2008/08/08 6:41 p.m.•47 views

CVE-2008-0964

Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.

9.3CVSS7.3AI score0.24948EPSS

CVE•added 2008/10/14 10:36 p.m.•47 views

CVE-2008-4556

Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.

10CVSS7.7AI score0.7931EPSS

CVE•added 2009/01/28 6:30 p.m.•46 views

CVE-2009-0319

Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems."

6.9CVSS6.6AI score0.00044EPSS

CVE•added 2009/08/21 11:2 a.m.•46 views

CVE-2009-2912

The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls.

4.9CVSS6.2AI score0.00061EPSS

CVE•added 2009/03/12 3:20 p.m.•45 views

CVE-2009-0874

Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones rela...

4.9CVSS7.3AI score0.00037EPSS

CVE•added 2009/07/10 5:30 p.m.•45 views

CVE-2009-2430

Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and OpenSolaris snv_01 through snv_58, when Solaris Auditing is enabled, allows local users with an RBAC execution profile for auditconfig to gain privileges via unknown attack vectors.

4.6CVSS6.4AI score0.00066EPSS

CVE•added 2009/03/12 3:20 p.m.•44 views

CVE-2009-0875

Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is t...

6.9CVSS6.9AI score0.00026EPSS

CVE•added 2009/01/26 3:30 p.m.•43 views

CVE-2009-0268

Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl.

4.9CVSS6AI score0.00048EPSS

CVE•added 2009/04/01 10:30 a.m.•43 views

CVE-2009-1207

Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files.

4.4CVSS6.1AI score0.00045EPSS

CVE•added 2009/08/27 5:30 p.m.•43 views

CVE-2009-2972

in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb."

7.8CVSS6.7AI score0.01517EPSS

CVE•added 2008/06/30 10:41 p.m.•42 views

CVE-2008-2946

The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets.

7.8CVSS6.3AI score0.00817EPSS

CVE•added 2009/01/26 3:30 p.m.•42 views

CVE-2009-0267

libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.

5CVSS6.5AI score0.03788EPSS

CVE•added 2008/08/08 6:41 p.m.•41 views

CVE-2008-0965

Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.

9.3CVSS7.4AI score0.20404EPSS

CVE•added 2009/06/05 4:0 p.m.•41 views

CVE-2009-1933

Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors.

4.7CVSS8.6AI score0.00063EPSS

CVE•added 2008/07/31 10:41 p.m.•40 views

CVE-2008-3426

Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpic...

2.1CVSS6AI score0.00069EPSS

CVE•added 2009/01/29 7:30 p.m.•40 views

CVE-2009-0346

The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection.

4.9CVSS6.3AI score0.00051EPSS

CVE•added 2009/02/09 4:30 p.m.•40 views

CVE-2009-0480

The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets.

4.9CVSS6.3AI score0.00058EPSS

CVE•added 2008/12/19 5:30 p.m.•39 views

CVE-2008-5690

The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the stor...

2.1CVSS8.5AI score0.00043EPSS

CVE•added 2009/09/14 4:30 p.m.•39 views

CVE-2009-3183

Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors.

7.2CVSS6.6AI score0.00048EPSS

CVE•added 2008/09/19 5:15 p.m.•38 views

CVE-2008-4131

Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) vedit, (d) view, and (e) edit programs.

7.2CVSS6.5AI score0.00227EPSS

CVE•added 2007/12/20 11:46 p.m.•37 views

CVE-2007-6505

Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.

3.5CVSS6.5AI score0.0033EPSS

CVE•added 2008/02/12 2:0 a.m.•36 views

CVE-2008-0718

Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors.

4.7CVSS6.1AI score0.00045EPSS

CVE•added 2008/02/29 11:44 a.m.•36 views

CVE-2008-1095

Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.

6.8CVSS6.8AI score0.00723EPSS

CVE•added 2009/05/18 6:30 p.m.•36 views

CVE-2009-1673

The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD.

4.9CVSS6.3AI score0.0006EPSS

CVE•added 2008/04/14 4:5 p.m.•35 views

CVE-2008-1779

Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets.

6.8CVSS6.3AI score0.01379EPSS

CVE•added 2008/06/03 3:32 p.m.•35 views

CVE-2008-2538

Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors.

6.9CVSS6.2AI score0.00036EPSS

CVE•added 2009/06/11 3:30 p.m.•35 views

CVE-2009-2029

Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.

5CVSS6.1AI score0.00742EPSS

CVE•added 2008/09/02 2:24 p.m.•33 views

CVE-2008-3875

The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls.

7.2CVSS6AI score0.00064EPSS

CVE•added 2008/02/20 9:44 p.m.•32 views

CVE-2008-0836

Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319.

4.9CVSS6.2AI score0.0061EPSS

CVE•added 2008/09/22 6:52 p.m.•26 views

CVE-2008-4160

Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation.

4.7CVSS5.9AI score0.00058EPSS